Hedera Lending Protocol Bonzo Loses 77% After $9M Oracle Hack
Bonzo Finance, a lending protocol on Hedera, saw its total value locked crater after an oracle exploit drained roughly $9 million.
If you've been watching the decentralized finance space, you already know oracle exploits are one of the nastiest attack vectors out there — and Bonzo Finance just learned that lesson the hard way. The Hedera-based lending protocol lost approximately $9 million in what appears to be a classic price oracle manipulation attack, sending its total value locked (TVL) tumbling by a gut-punching 77%.
For anyone new to the jargon: an oracle is basically the messenger that tells a smart contract what an asset is worth in the real world. When a bad actor manipulates that price feed, they can trick the protocol into thinking an asset is worth far more — or far less — than it actually is. That opens the door to borrowing way more than anyone should be able to, or liquidating positions unfairly. It's like rigging the scale at a butcher shop, except the stakes are millions of dollars.
Read more AppLovin vs. Fastly: Comparing Revenue Trends in Tech →
Bonzo Finance operates on the Hedera network, a distributed ledger that markets itself as a faster, cheaper alternative to Ethereum. Despite Hedera's technical architecture, the exploit underscores a hard truth: the security of any DeFi protocol is only as strong as its weakest link, and price oracles remain a persistent vulnerability across virtually every blockchain ecosystem.
Events like this are a reminder to anyone parking money in DeFi lending platforms to look closely at how a protocol sources its price data and whether it uses multiple oracle providers or circuit breakers to prevent manipulation. Nine million dollars is a serious hit, and the near-80% TVL drop signals that users voted with their feet — and their wallets — almost immediately after news broke.
Continue reading at CoinDesk